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(54) System and method for controlling transmission of stored information to internet websites 



(57) A system and method for controlling the trans- 
mission of information known as "cookies" stored on 
electronic media to Internet websites accessed by PC 
users utilizes a "cookie jar" in a server-based virtual wal- 
let for the user. When a website server sends a "cookie" 
to the user's PC, the virtual wallet stores the cookie only 
after requesting and receiving the user's permission. 



When the user accesses the website server again, and 
the server requests return of the cookie, the virtual wallet 
sends the cookie only after requesting and receiving the 
user's permission. Alternatively, the user can preconfig- 
ure the virtual wallet with predefined parameters for 
withholding or sending the cookie when requested by 
the website server. 
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Description 

CROSS REFERENCE TO RELATED APPLICATIONS 

[0001] This application is a non-provisional continua- 
tion-in-part of co-pending U.S. Provisional Patent Appli- 
cation Serial No. 60/081,748 filed April 14, 1998, co- 
pending U.S. Utility Patent Application Serial No. 
09/1 90,993 filed November 12, 1998, U.S. Utility Patent 
Application entitled "System and Method for Securely 

Storing Electronic Data," Serial No. filed , 

and U.S. Utility Patent Application entitled "Digital 

Graphic Signature System, * Serial No. filed 

, which are incorporated herein by reference. 

FIELD OF THE INVENTION 

[0002] This invention relates generally to Internet 
web-based client/server applications and, more partic- 
ularly, to a system and method for controlling the trans- 
mission of information stored on electronic media to In- 
ternet websites accessed by consumers. 

BACKGROUND 

[0003] As the Internet has evolved, the purpose for 
maintaining a website has also evolved. Websites are 
now used not only to entertain those accessing them, 
but are also used as a vehicle to provide products, serv- 
ices, and information, in some instances in exchange 
for a fee. Thus, many website owners are now using 
their websites as a virtual store front or service counter. 
Interactions occurring at traditional service counters or 
in traditional stores involve personal contact that allows 
the owner or the owner's employees to identify custom- 
ers visually, if not by name. Ideally, after a consumer has 
had a number of interactions with an owner, the owner 
is able to note the consumer's preferences and link 
those preferences to the consumer's identity. Linking 
customers' personal preferences to their identities al- 
lows store owners and service providers to remain com- 
petitive by allowing them to respond more quickly to their 
customers' needs. 

[0004] Because website owners do not have personal 
contact with those accessing their websites, website 
owners require some means other than visual contact 
to identify their virtual customers. One mechanism that 
was developed to help website owners identify those ac- 
cessing their sites is the cookie. A cookie is a small piece 
of software, usually no more than a few lines of text, that 
is deposited upon the hard drive of the personal com- 
puter (PC) accessing a website. PC's use HyperText 
Transfer Protocol (HTTP) to access websites on the 
world wide web portion of the Internet. An HTTP trans- 
action involves a request by the individual PC attempt- 
ing to access a website and a response issued by the 
website's server. 

[0005] Generally, a software application resident on 



the PC, normally referred to as a browser, sends a re- 
quest to a server and the server issues a response in 
which it returns a HyperText Markup Language (HTML) 
document to the PC's browser. The transfer of a cookie 

s takes place as a part of the HTTP transaction process. 
The website server transmits a cookie to the PC's 
browser along with the rest of the HTML document re- 
quested (i.e., the web page accessed). The browser 
then stores the cookie on the individual PC's hard drive. 

10 Hence, the transfer of a cookie can be no more obvious 
than an HTML file download. In fact, cookies are meant 
to be invisible and are a means for website owners to 
gather information without bothering their website visi- 
tors. 

is [0006] Cookies are a general mechanism allowing 
servers at websites to store information on the hard 
drive of PC's that access their websites. A server can 
retrieve and thus make use of only those cookies it has 
sent. Normally, a server cannot access cookies placed 

20 by other servers. Thus, information inside a cookie usu- 
ally includes the description of the range of Uniform Re- 
source Locators (URLs), or website addresses, which 
may access that cookie. Future HTTP URL requests 
made by a PC upon which a cookie is resident that fall 

25 within the range of URL's identified in the cookie include 
a transmittal of the cookie from the PC to the server. 
When a server retrieves a previously placed cookie, the 
server can update the information received and transmit 
an updated cookie back to the PC. 

30 [0007] The type of information stored in a cookie can 
vary widely. For example, cookies are used by website 
owners to obtain an assortment of useful information 
about visitors to their website. In their simplest form, 
cookies can be used as a type of identification badge 

35 that is not personal. For example, a cookie may only re- 
port back to its server that a user identified by a number 
regularly views specific pages at the website. A cookie 
can keep a record of pages visited most frequently and 
how much time was spent on those pages. The kind of 

40 things normally written in a cookie include, for example, 
the visitor's ID in the website database or the pages 
most often visited previously or any number of other 
things that are useful to the website owner. Cookies in- 
dicate, for example, the last time the user visited the site, 

45 how often the user visited the site, what pages the user 
viewed, and what the user's interests are. 
[0008] Cookies enable the website owner to respond 
quickly and efficiently to serve a multitude of user's of 
the website. For example, if a user visits a number of 

50 pages of the website in sequential order and stops at 
page number 25 of 45 pages, the next time the user vis- 
its the website, the cookie indicates where the user 
stopped and may ask the user if she wants to continue 
where she left off. Cookies enable a website owner to 

ss recognize its customers when they come back into the 
store and to provide them with some level of either cus- 
tom service or personalized service in much the same 
way as a traditional service counter store. 
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[0009] Cookies are like notes to the website owner A 
cookie lets the website owner write a note to itself and 
give it to the customer Every time the customer returns 
to the website, she brings the note with her, and the web- 
site owner can read the note and determine what should 
be remembered about the customer from the note. The 
website owner can change what is stored in the note 
over time or give each customer a number of different 
notes, so the website owner can remember a number 
of different things about each customer. 
[0010] Cookies can also be used to provide a more 
personalized world wide web browsing experience. For 
example, a website can request that the user fill out a 
form detailing the type of information the user prefers to 
retrieve each time she visits the particular website. The 
user's preferences are stored in a file maintained at the 
website server and linked to a specific cookie transmit- 
ted to the user's PC. The next time that particular PC 
accesses the website, the cookie transmitted to the 
website identifies the file containing the user's prefer- 
ences so that only the information the user indicated 
was of interest is provided. Use of cookies in this manner 
frees users from retyping a user-ID during subsequent 
connections. When feasible, a website can store the us- 
er's preferences in a cookie. Then, the website can ob- 
tain the user's preferences each time the user accesses 
the website. 

[0011] Websites offering a shopping basket to Inter- 
net shoppers may use cookies to retain information 
about items placed in the shopping basket. Cookies en- 
able virtual customers to put items into their shopping 
basket, end their on-line session, and then see their bas- 
ket as they left it when they return to the site. Cookies 
can also track how users navigate around a website, 
which pages they visit most frequently, how they enter 
those pages, and whether navigation can be made more 
efficient. For example, if a user has accessed a website 
having a number of sequential pages, a cookie can be 
used to note at which page in the sequence the user 
signed off and inquire if the user would like to continue 
where they left off during the next on-line session. Cook- 
ies can track this kind of information on a user-by-user 
basis. 

[0012] Well designed cookies allow website owners 
to determine whether certain pages are launching points 
for users, or whether other pages typically cause users 
to head elsewhere on the web. Even a simple task like 
counting visitors can be enhanced through cookies. Ab- 
sent information contained in a cookie, a typical counter 
cannot determine how many individual users have vis- 
ited a site or how many of the total hits are repeat visits. 
In a sense, cookies allow website owners to write a note 
to themselves and give it to their visitors. Then, every 
time the user returns to the website, the owner can re- 
trieve the note and identify the visitor and their prefer- 
ences. 

[0013] Currently, users can only control whether they 
will accept a cookie from a website and have no control 



over the distribution of cookies resident on their PC hard 
drives. Internet browsers can be configured to request 
the consumer's permission to accept an offered cookie. 
By default, browsers are configured to accept cookies 
s from websites without asking the consumer for permis- 
sion. Many consumers do not configure their browser to 
inquire whether the user will accept cookies offered be- 
cause they are unaware of their ability to do so. Others 
do not configure their browsers because the> browsing 
io experience becomes too cumbersome as many web- 
sites regularly attempt to send dozens of cookies during 
transmission of a single HTML document. 
[001 4] Even if consumers configure their browsers to 
request permission before accepting a cookie, once a 
is cookie is accepted, consumers currently have no control 
over the dissemination of information stored in cookies 
on their PCs' hard drives. Although the client side of the 
browser allows the visitor to decide whether she wants 
the cookie or not in the first place, once a cookie is there, 
there is nothing that prevents the cookie from being re- 
trieved. 

SUMMARY OF THE INVENTION 

[001 5] It is a feature and advantage of the present in- 
vention to provide PC users with the ability to manage 
the flow and content of information in cookies in order 
to protect the privacy of the information contained in 
storage areas of their PC's. 

[0016] It is a further feature and advantage of the 
present invention to provide on-line customers with the 
ability to control where a cookie will be stored and, spe- 
cifically, to provide consumers with the ability to protect 
the privacy of information contained in cookies. 
[0017] It is another feature and advantage of the 
present invention to provide consumers with the ability 
to control the dissemination of cookies resident on elec- 
tronic storage media. 

[001 8] It is an additional feature and advantage of the 
present invention to allow consumers to assign hierar- 
chical levels of privacy to different types of information 
contained in cookies and control dissemination of the 
cookies by the assigned privacy values. 
[001 9] It is still another additional feature and advan- 
tage of the present invention to allow consumers to mon- 
itor and meter information that merchants, i.e., websites, 
take and leave in the form of cookies. 
[0020] It is still a further feature and advantage of the 
present invention to permit consumers to realize the val- 
ue of information contained in cookies in the electronic 
wallets or on their PC hard drives, for example, by re- 
quiring compensation for access to information con- 
tained in their cookies. 

[0021] To achieve the stated and other features, ad- 
vantages, and objects of the present invention, an em- 
bodiment of the present invention provides a system 
and method for controlling transmission of stored data 
to an Internet website server utilizing a "cookie jar" in an 
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electronic or virtual wallet. In an embodiment of the 
present invention, the system stores the data for the 
website server when a user accesses the website. At a 
later time, when the user again accesses the website, 
the system of the present invention receives a request 
from the web server for transmission of the stored data 
to the website server. The system of the invention gen- 
erates or forms a decision regarding a response to the 
request and automatically executes the decision regard- 
ing the response to the request. 
[0022] In an embodiment of the present invention, 
storing the data involves accessing the website server 
by the user at a terminal, such as a personal computer 
with a browser application. When the website server is 
accessed by the user over the Internet, the website serv- 
er sends the data to the browser application, which for- 
wards the data to the virtual wallet application for the 
user. The virtual wallet application, which is server 
based, requests permission of the user to store the data 
by automatically prompting the user at the terminal for 
the permission. The user enters a decision at the termi- 
nal to either withhold permission or grant permission. If 
the user grants permission to store the data, the data is 
automatically stored by the virtual wallet application. 
[0023] When the user again accesses the same web- 
site server, the website server sends a request for trans- 
mission of the stored data, which is received by the vir- 
tual wallet application for the user. The virtual wallet ap- 
plication automatically generates or forms a decision by 
prompting the user at the terminal for the user's decision 
regarding a response to the request from the website 
server. The user enters a decision at the terminal either 
denying the request or granting the request. 
[0024] In an embodiment of the present invention, al- 
ternatively, the user can preconfigure the virtual wallet 
application with at least one predefined parameter for 
the decision regarding the response to the request. The 
predefined parameter is, for example, a parameter re- 
lating to the information contained in the stored data, 
such as the user's name and/or address, or, for exam- 
ple, a parameter relating to the identification of the web- 
site server requesting transmission of the stored data. 
The preconfigured virtual wallet application automatical- 
ly generates or forms a decision for the user based at 
least in part on one or both of the predefined parame- 
ters. In other words, the virtual wallet application auto- 
matically generates or forms a decision for the user ei- 
ther withholding or sending the stored data to the web- 
site server based at least in part on one or both of the 
parameters. 

[0025] The decision regarding the response is auto- 
matically executed by the virtual wallet application for 
the user by automatically sending the response to the 
website server either denying the request and withhold- 
ing the stored data or granting the request and sending 
the stored data to the website server. The system in- 
cludes a terminal, such as the user's personal computer, 
with a browser application, which is used to access the 



website server, as well as a server-based electronic or 
virtual wallet application communicating with the user's 
PC, for example, over a network such as the Internet. 
[0026] Additional objects, advantages, and novel fea- 
s tures of the invention will be set forth, in part, in the de- 
scription that follows, and, in part, will become more ap- 
parent to those skilled in the art upon examination of the 
following, or may be learned by practicing the invention. 

io BRIEF DESCRIPTION OF THE DRAWINGS 

[0027] In the figures: 

Fig. 1 shows an overview of key components and 
15 the flow of information between the key compo- 
nents of a typical prior art interaction between a 
website and a PC with a browser; y 
Fig. 2 is a flow chart which amplifies the flow of in- 
formation shown in Fig. 1 and provides further detail 
20 regarding the prior art interaction between the web- 
site server and the PC with an unconfigured brows- 
er; 

Fig. 3 is a flow chart which amplifies the flow of in- 
formation shown in Fig. 1 and provides further detail 
2S in regarding the prior art interaction between the 
website server and the PC with the browser config- 
ured to ask for the user's permission before accept- 
ing a cookie; 

Fig. 4 shows an overview of key components and 
30 the flow of information between the key compo- 
nents for an embodiment of the present invention; 
and 

Fig. 5 is a flow chart which amplifies the flow of in- 
formation shown in Fig. 4 and provides further detail 
35 regarding the process of an interaction between the 
website server and the PC with a cookie jar in an 
electronic or virtual wallet for an embodiment of the 
present invention. 

40 DETAILED DESCRIPTION 

[0028] Referring now in detail to an embodiment of the 
invention, an example of which is illustrated in the ac- 
companying drawings, the present invention provides a 

45 system and method for controlling the transmission of 
information stored on electronic media to Internet web- 
sites accessed by consumers. The present invention 
provides a PC user with a certain degree of control, for 
example, over the manner in which cookies stored on 

so their PC hard drive are distributed. Additionally, an em- 
bodiment of the present invention enables the PC user 
to build a certain level of intelligence into the user's 
browser. 

[0029] As used herein, a cookie is a piece of informa- 
55 tion that a server can deposit on a device accessing the 
server. For example, a website server may deposit a 
cookie on the computer of a browser user who is ac- 
cessing the website. The cookie contains information 
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the user has given to the website, such as information 
on a form filled out to access the site. Typically, only the 
server that deposited the cookie can access the infor- 
mation on the cookie. The system and method of the 
present invention, referred to herein as the cookie jar, 
provides PC users/owners with the ability to protect the 
privacy of information in the cookie and/or realize the 
value of the information. 

[0030] The system and method for an embodiment of 
the present invention also manages the flow and content 
of information in cookies. For example, the system of 
the present invention can allow a cookie to be added 
freely if the PC user can read and approve the data that 
is to be stored on her hard drive. Similarly, this feature 
of the system of the present invention advantageously 
allows information contained in the cookie to be re- 
moved, but with some condition, such as approval by 
the PC user. 

[0031] In addition, the PC user can establish policies 
for different levels of information such that some infor- 
mation may be removed without prompting the PC user. 
Further, because information in cookies has some val- 
ue, PC users may require some form of compensation 
for the removal of information in a cookie. Thus, the sys- 
tem and method of the present invention monitors and 
meters the information in cookies that merchants take 
and leave. 

[0032] The system for an embodiment of the present 
invention makes use of application software, such an 
electronic or virtual wallet, and the cookie jar which re- 
sides in the electronic or virtual wallet for an embodi- 
ment of the present invention. An electronic wallet is an 
embodiment of software acting as a container, for ex- 
ample, for payment mechanisms, identity authentication 
mechanisms, personal information, and electronic arti- 
facts of the owner. An electronic wallet can reside, for 
example, on a consumer's PC, on a server, or on a smart 
card. 

[0033] Currently, many electronic wallets focus on 
payment mechanisms. However, electronic wallets can 
also be used to maintain identification information, credit 
card account information, customer loyalty program in- 
formation, personal information managers, site profile 
repositories, calling cards, and agent profiles, as well as 
other payment mechanisms (e.g., debit card informa- 
tion). For a detailed discussion of an electronic wallet, 
see, for example, currently co-pending and co-owned 
provisional application serial number 60/081,748 filed 
on April 14, 1998, incorporated herein by reference. In- 
formation stored in an electronic wallet can be transmit- 
ted and received by the owner of the electronic wallet, 
for example, through the Internet or other types of net- 
works in the form of cookies. 

[0034] The system and method for an embodiment of 
the present invention enables the PC user to specif y, for 
example, that any cookie offered by the website of a par- 
ticular entity, such as the user's bank, can be accepted, 
and any time that the website of the particular entity asks 
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for the cookie, the cookie can be given back to the entity. 
On the other hand, for websites of entities with which 
the PC user does not want as much information ex- 
changed, the user can specify that for any cookie offered 
s by the particular website, the user's permission must 
first be requested. 

[0035] Further, the system and method of the present 
invention allows the PC user to specify, for example, if 
the cookie offered by a particular website has the user's 
to io on it, the user's permission must be requested, but if 
the cookie does not have the user's ID on it, permission 
is not required. The system and method of the present 
invention provides a value added service for PC users 
in terms of privacy and data protection, and allows the 
is users to decide what level of data protection they want 
to have. 

[0036] Currently, cookies are stored in a plain text file 
on the hard drive of the user's PC, where the browser 
software is installed. Typically, the browser can be con- 
figured by the PC user, for example, to ask the user for 
permission before accepting a cookie. Fig. 1 shows an 
overview of key components and the flow of information 
between the key components of a prior art interaction 
between a PC with a browser and a website server. A 
typical cookie interaction involves a web server 2 for the 
website and a user's computer or PC 4. When the user 
6 at her PC 4 goes to the website, if the web server 2 
wants to write a cookie, it contacts the browser 8 on the 
user's PC and sends the cookie to the browser. If the 
browser 8 is not configured by the user 6, the cookie is 
automatically stored on the user's PC 4 by the web serv- 
er 2. If the browser 8 is configured, the configured 
browser on the user's PC 4 then asks the user 6 whether 
it is okay to accept the cookie, and the user answers 
either yes or no. If the user answers yes, the data is 
written to the user's PC 4 by the web server 2. 
[0037] Fig. 2 is a flow chart which amplifies the flow 
of information shown in Fig. 1 and provides further detail 
in the prior art interaction between the website server 2 
and the user's PC 4 with an unconfigured browser 8. At 
S1 , the user 6 surfing the Internet accesses the website. 
At S2, the accessed website server 2 loads a web page 
onto the user's PC 4 and places a cookie on the hard 
drive of the user's PC in a folder designated by the 
browser 8. At a later time, at S3, when the user 6 returns 
to the website, the website server 2 retrieves the infor- 
mation contained in the cookie from the user's PC 4. At 
S4, the website server 2 loads the web page onto the 
user's PC 4 and may send a new cookie or an updated 
cookie to the user's PC 4. 

[0038] Fig. 3 is a flow chart which amplifies the flow 
of information shown in Fig. 1 and provides further detail 
in the prior art interaction between the website server 2 
and the user's PC 4 with the browser 8 which is config- 
ured by the user 6 to ask for permission before accepting 
a cookie. At S11, the user 6 accesses the website. At 
St 2, the accessed website server 2 requests permis- 
sion to load a cookie in the hard drive of the user's PC 
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4. At S13, if the user 6 does not accept the cookie, the 
accessed website server 2 does not place a cookie on 
the hard drive of the user's PC 4, and at S1 4, the website 
server loads the web page onto the user's PC 4. When 
the user 6 returns to the same website, the user is treat- 
ed by the website server 2 as a first time visitor, and the 
process is repeated. 

[0039] Referring further to Fig. 3, alternatively, at S1 5, 
if the user 6 accepts the cookie, the accessed website 
server 2 loads the cookie and the web page onto the 
user's PC 4 at S16. At a later time, when the user 2 re- 
turns to the website at S17, the website server 2 wants 
to know what cookies it has stored on the user's PC 4. 
The web server 2 asks the browser 8 on the user's PC 
4 to give its cookies back. The web server 2 asks for the 
name of the cookie it wants back, and the cookie is sent 
back automatically by the browser 8 on the user's PC 4 
at S18, and the website server 2 loads the web page 
onto the user's PC 4 at S19. Thus, while the PC user 6 
can configure her browser not to accept cookies without 
asking the user for permission, the user has no control 
over cookies after they are accepted. 
[0040] Fig. 4 shows an overview of key components 
and the flow of information between the key components 
of an interaction between the website server 2 and the 
user's PC with the cookie jar 10 for the method and sys- 
tem for an embodiment of the present invention. Accord- 
ing to the present invention, instead of writing cookies 
to the hard disk of the user's PC 4 on which the user's 
browser 8 is installed, the cookies are stored, for exam- 
ple, in the user's electronic wallet 12. Thus, when the 
PC user 6 goes to a website, and the web server 2 asks 
if it can give the user a cookie and the user assents, the 
cookie is sent by the web server to the browser 8 on the 
user's PC 4, but is forwarded to the user's electronic wal- 
let 12. 

[0041] The system and method of the present inven- 
tion stores the cookie in the secure data store of the 
electronic or virtual wallet 1 2, with all the other electronic 
information likewise stored in the electronic wallet. The 
electronic wallet 1 2 is, for example, a server-based wal- ' 
let so that the cookie is available wherever the electronic 
wallet is available. Thus, the cookie is sent to and stored 
in the PC user's electronic wallet 12, rather than being 
written on the hard drive of the user's PC 4 where the 
user's browser 8 is installed. 

[0042] Fig. 5 is a flow chart which amplifies the flow 
of information shown in Fig. 4 and provides further detail 
regarding an interaction between the website server 2 
and user's PC 4 with the browser 8 and the cookie jar 
10 in the electronic wallet 12. At S21 , the user 6 access- 
es the website, and at S22, the website server requests 
permission to write data to the cookie storage on the 
user's PC 4. At S23, the request is passed from the 
browser 8 to the cookie jar 10, which resides in the elec- 
tronic or virtual wallet 12, and the virtual wallet asks the 
user 6 if it is okay for the particular website server to 
store a cookie. The user 6 makes a decision as to wheth- 



er or not the cookie will be received, and at S25, if the 
user 6 refuses permission, the website server 2 simply 
loads the web page onto the user's PC 4. When the user 
6 returns to the same website, the website server 2 
s treats the user as a first time visitor, and the process is 
repeated. 

[0043] Referring further to Fig. 5, alternatively, at S26, 
if the user 6 accepts the cookie, the cookie data is sent 
by the web server 2 to the browser 8 on the user's PC 

10 4. At S27, the browser forwards the cookie data to the 
virtual or electronic wallet 12, which stores the cookie 
data in the cookie jar 10 resident in the electronic wallet. 
At S28, when the user 6 returns to the website, the web 
server 2 requests that its cookie be returned at S29. 

is However, the cookie is not automatically returned. In- 
stead, the user 6 controls whether or not the cookie is 
returned to the website server 2. The way that decision 
is made is determined in the system of the present in- 
vention with the cookie in the electronic or virtual wallet 

20 12. The user's control over the cookie is exercised by 
the user 6 either authorizing or denying permission for 
the cookie to be returned. 

[0044] Referring again to Fig. 5, if the cookie jar 1 0 is 
not preconfigured by the user 6, at S41 , the cookie jar 

25 asks the user whether it is okay to send the cookie. De- 
pending on whether the user 6 grants or refuses permis- 
sion, the cookie is or is not returned to the website server 
2. On the other hand, the user 6 can preconfigure the 
cookie jar 10 to allow full access to the cookie jar by a 

30 particular website server, such as the user's bank, in 
which case the user will not even be asked, and the 
cookie is automatically sent by the cookie jar to the par- 
ticular website server. However, the user 6 can also pre- 
configure the cookie jar 1 0 to never allow access to the 

35 cookie jar by a particular website server, in which case 
the user likewise will not be asked, and the request will 
simply be flatly denied. 

[0045] Alternatively, the user 6 can preconfigure the 
cookie jar 1 0 to notify the user when a particular website 

40 server requests return of a cookie that contains informa- 
tion of a predefined nature and to ask the user if she 
wants the cookie to be released. The user 6 can likewise 
answer yes or no and grant or deny the website's re- 
quest for return of the cookie. Depending upon how the 

45 user 6 configures her electronic wallet 1 2 and the cookie 
jar 10 within the electronic wallet to behave, there are 
numerous other possible options for the manner in 
which the cookie information is sent back and forth. 
[0046] An embodiment of the system and method of 

50 the present invention involves a set of intelligence lead- 
ing up to the yes or no answers. Depending on the par- 
ticular website and depending on the nature of the in- 
formation that is being exchanged, different users have 
different preferences as to how often they want to actu- 

55 ally be asked whether to release a cookie. For example, 
if the information in the cookie happens to include the 
user's name and address, the user 6 may be very sen- 
sitive about where her name and address information is 
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sent. On the other hand, the user 6 may not be very sen- 
sitive if the information in the cookie is only the user's 
ID number for a specific website. 
[0047] The system and method of an embodiment of 
the present invention has the ability built inside the in- 
teraction of the decision for the user 6 to configure the 
cookie jar 10 never to release certain kinds of informa- 
tion, such as the user's name and address, without ask- 
ing the user. Likewise, the user 6 can configure the cook- 
ie jar 10 so that when she logs onto, for example, her 
bank's website, the cookie jar does not need to ask the 
user for permission to release information. 
[0048] In an embodiment of the present invention, the 
system provides, for example, for preconfiguring the 
cookie jar 10 with two sets of controls. One set of con- 
trols enables the user 6 to preconfigure the cookie jar 
10, for example, based on the data that is within the 
cookie. Thus, when the website server 2 requests return 
of a cookie, the cookie jar 10 reads all the data in the 
cookie and makes a value judgment based on that data 
whether or not to release the cookie. Another set of con- 
trols enables the user 6 to preconfigure the cookie jar 
10, for example, based on who is asking for the data in 
the cookie. Thus, the cookie jar's decision whether or 
not to release the cookie is not necessarily based on 
what is inside the data, but simply where the information 
is going to be sent. The cookie jar 10 can manage both 
dimensions of concern. 

[0049] Referring once again to Fig. 5, if the cookie jar 
10 is preconfigured by the user 6 to make a decision 
whether or not to release a cookie without interaction 
between the user and the cookie jar based on data in- 
side the cookie or the identity of the website requesting 
the cookie, at S31 , the cookie jar reads the data inside 
the cookie and/or identifies the website and makes a de- 
cision not to release the cookie. At S32, the cookie jar 
1 0 den ies the request to release the cookie, and the web 
page is loaded at S33. Alternatively, at S34, the cookie 
jar, upon reading the data inside the cookie and/or iden- 
tifying the requesting website, makes a decision to re- 
lease the cookie. At S35, the cookie jar 10 sends the 
cookie to the website server 2, and the web page is like- 
wise loaded at S36. 

[0050] In an embodiment of the present invention, 
when the user 6 returns to a website which has previ- 
ously been allowed to store a cookie in the user's cookie 
jar 10, if a decision is made not to release the cookie, 
the website server 2 assumes that the user is a new user 
and displays, for example, a new user screen on the us- 
er's PC 4. Thus, the user 6 can choose whether or not 
to release the cookie and can set conditions for release 
of the cookie. For example, the user 6 can set the con- 
dition for release of a cookie stored in the user's cookie 
jar 10 as being real-time approval, and if there is an un- 
usually long cookie that has the user's name in it, user 
is presented with a dialogue box which says that the 
cookie that contains the user's name will be sent to the 
particular website. The user 6 can respond with either 



a yes or no answer to either allow or deny permission 
to send the cookie to the website. 
[0051] Various preferred embodiments of the inven- 
tion have been described in fulfillment of the various ob- 

5 jects of the invention. It should be recognized that these 
embodiments are illustrative of the principles of the 
present invention. Numerous modifications and adapta- 
tions thereof will be readily apparent to those skilled in 
the art without departing from the spirit and scope of the 

io present invention. Accordingly, the invention is limited 
only by the following claims. 



Claims 

is 

1 . A method for controlling transmission of stored data 
to an Internet website server, comprising: 

storing the data for the website server; 
receiving a request for transmission of the 
stored data to the website server; 
forming a decision regarding a response to the 
request; and 

automatically executing the decision regarding 
the response to the request 

The method of claim 1 , wherein storing the data fur- 
ther comprises accessing the website server by a 
user at a terminal. 

The method of claim 2, wherein the terminal further 
comprises a personal computer with a browser ap- 
plication. 

The method of claim 2, wherein accessing the web- 
site server further comprises accessing the website 
server over a network. 

The method of claim 4, wherein the network further 
comprises the Internet. 

The method of claim 3, wherein accessing the web- 
site server further comprises sending the data by 
the website server. 

The method of claim 3, wherein sending the data 
by the website server further comprises sending the 
data to the browser application. 

The method of claim 7, wherein sending the data to 
the browser application further comprises forward- 
ing the data by the browser application to a virtual 
wallet application for the user. 

The method of claim 8, wherein the virtual wallet 
application further comprises a server-based virtual 
wallet application. 
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10. The method of claim 8, wherein forwarding the data 
to the virtual wallet application further comprises re- 
questing permission of the user by the virtual wallet 
application to store the data. 

11. The method of claim 10, wherein requesting the 
permission of the user further comprises automati- 
cally prompting the user at the terminal for the per- 
mission by the virtual wallet application. 

12. The method of claim 11, wherein prompting the user 
for permission further comprises entering a deci- 
sion by the user at the terminal regarding the re- 
quest for permission to store the data. 

13. The method of claim 12, wherein entering the deci- 
sion by the user further comprises entering the de- 
cision by the user granting the permission. 

14. The method of claim 1 3, wherein entering the deci- 
sion granting the permission further comprises stor- 
ing the data by the virtual wallet application. 

15. The method of claim 1, wherein receiving the re- 
quest for transmission of the stored data further 
comprises accessing the website server by a user 
at a terminal. 

16. The method of claim 15, wherein accessing the 
website server further comprises accessing the 
website server over a network. 

17. The method of claim 1 6, wherein the network further 
comprises the Internet. 

18. The method of claim 15, wherein accessing the 
website server by the user further comprises send- 
ing the request for transmission by the website serv- 
er. 

19. The method of claim 1B, wherein sending the re- 
quest by the website server further comprises re- 
ceiving the request by a virtual wallet application for 
the user. 

20. The method of claim 1 , wherein forming the deci- 
sion regarding the response to the request further 
comprises receiving the request by a virtual wallet 
application for a user. 

21. The method of claim 20, wherein receiving the re- 
quest by the virtual wallet application further com- 
prises automatically prompting the user at a termi- 
nal by the virtual wallet application for the decision 
regarding the response to the request. 

22. The method of claim 21 , wherein the terminal fur- 
ther comprises a personal computer. 



23. The method of claim 21, wherein automatically 
prompting the user for the response further com- 
prises entering the decision by the user at the ter- 
minal. 

5 

24. The method of claim 23, wherein entering the deci- 
sion further comprises entering the decision by the 
user at the terminal denying the request. 

10 25. The method of claim 24, wherein entering the deci- 
sion further comprises entering the decision by the 
user at the terminal granting the request. 

26. The method of claim 20, wherein forming the deci- 
*5 sion further comprises preconfiguring the virtual 
wallet application by the user with at least one pre- 
defined parameter for the decision regarding the re- 
sponse to the request. 

26 27. The method of claim 26, wherein preconfiguring the 
virtual wallet application further comprises precon- 
figuring the virtual wallet application with at least 
one predefined parameter selected from a group 
consisting of a parameter relating to the stored data 
25 and a parameter relating to the website server re- 
questing transmission of the stored data. 

28. The method of claim 27, wherein forming the deci- 
sion further comprises automatically generating the 

30 decision by the virtual wallet application for the user 
based at least, in part, on at least one predefined 
parameter. 

29. The method of claim 28, wherein automatically gen- 
35 eratingthe decision further comprises automatically 

generating the decision by the virtual wallet appli- 
cation for the user denying the request based at 
least, in part, on the parameter relating to the stored 
data. 

40 

30. The method of claim 28, wherein automatically gen- 
erating the decision further comprises automatically 
generating the decision by the virtual wallet appli- 
cation for the user denying the request based at 

4 $ least, in part, on the parameter relating to the web- 
site server requesting transmission of the stored da- 
ta. 

31. The method of claim 28, wherein automatically gen- 
50 erating the decision further comprises automatically 

generating the decision by the virtual wallet appli- 
cation for the user granting the request based at 
least, in part, on the parameter relating to the stored 
data. 

55 

32. The method of claim 28, wherein automatically gen- 
erating the decision further comprises automatically 
generating the decision by the virtual wallet appli- 
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cation for the user granting the request based at 
least, in part, on the parameter relating to website 
server requesting transmission of the data. 

33. The method of claim 1 t wherein automatically exe- 
cuting the decision regarding the response further 
comprises automatically sending the response to 
the website server by a virtual wallet application for 
a user. 

34. The method of claim 33, wherein automatically 
sending the response further comprises automati- 
cally prompting the user at a terminal by the virtual 
wallet application for the decision regarding the re- 
sponse. 

35. The method of claim 34, wherein the terminal fur- 
ther comprises a personal computer 

36. The method of claim 34, wherein automatically 
sending the response further comprises entering 
the decision by the user at the terminal. 

37. The method of claim 36, wherein entering the deci- 
sion by the user further comprises entering the de- 
cision for one of denying the request by the user 
and granting the request by the user. 

38. The method of claim 37, wherein entering the deci- 
sion denying the request by the user further com- 
prises automatically withholding the stored data 
from the website server by the virtual wallet appli- 
cation for the user. 

39. The method of claim 37, wherein entering the deci- 
sion granting the request by the user further com- 
prises automatically sending the stored data to the 
website server by the virtual wallet application for 
the user. 

40. The method of claim 33, wherein automatically 
sending the response further comprises automati- 
cally generating the decision by the virtual wallet ap- 
plication for one of a response withholding the 
stored data and sending the stored data to the web- 
site server based on at least one predefined param- 
eter preconfigured in the virtual wallet application. 

41. The method of claim 40, wherein the at least one 
predefined parameter further comprises at least 
one predefined parameter selected from a group 
consisting of a parameter relating to the stored data 
and a parameter relating to the website server re- 
questing the stored data. 

42. The method of claim 41, wherein automatically 
sending the response further comprises automati- 
cally withholding the stored data from the website 



server by the virtual wallet application based at 
least, in part, on the parameter relating to the stored 
data. 

5 43. The method of claim 41, wherein automatically 
sending the response further comprises automati- 
cally withholding the stored data from the website 
server by the virtual wallet application based at 
least, in part, on the parameter relating to the web- 

10 site server requesting the stored data. 

44. The method of claim 41, wherein automatically 
sending the response further comprises automati- 
cally sending the stored data to the website server 

is based at least, in part, on the parameter relating to 
the stored data. 

45. The method of claim 41, wherein automatically 
sending the response further comprises automati- 
ze cally sending the stored data to the website server 

based at least, in part, on the parameter relating to 
the website server requesting the stored data. 

46. A system for controlling transmission of stored data 
25 to an Internet website server, comprising: 

means for storing the data for the website serv- 
er; 

means associated with the storing means for 
30 receiving a request for transmission of the 

stored data to the website server; 
means associated with the transmission means 
for forming a decision regarding the response 
to the request; and 
35 means associated with decision forming means 

for automatically executing the decision regard- 
ing the response to the request. 

47. The system of claim 46, wherein the means for stor- 
40 ing the data further comprises a virtual wallet appli- 
cation. 

48. The system of claim 47, wherein the virtual wallet 
application further comprises a server-based virtual 

45 wallet application. 

49. The system of claim 46, wherein the means for re- 
ceiving the request for transmission of the stored 
data further comprises a virtual wallet application. 

so 

50. The system of claim 49, wherein the virtual wallet 
application further comprises a server-based virtual 
wallet application. 

55 51. The system of claim 50, wherein the means for re- 
ceiving the request further comprises a terminal 
communicating with the virtual wallet application. 
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52. The system of claim 51 , wherein the means for re- 
ceiving the request further comprises the terminal 
communicating with the website server. 

53. The system of claim 46, wherein the means for s 
forming the decision regarding the response to the 
request further comprises a virtual wallet applica- 
tion. 

54. The system of claim 53, wherein the virtual wallet io 
application further comprises a server-based virtual 
wallet application. 

55. The system of claim 46, wherein the means for au- 
tomatically executing the decision regarding the re- is 
sponse to the request further comprises a virtual 
wallet application. 

56. The system of claim 55, wherein the virtual wallet 
application further comprises a server-based virtual 20 
wallet application. 
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